@mapbox/sanitize-caja
v0.1.4 sanitize html
sanitize-caja
Sanitize HTML content using the Google Caja JsHtmlSanitizer and a set of basic assumptions, and a wrapper to make it all work in nodejs without global variable leaks and so on.
This is a slightly 'loosened' version of Caja's restrictions, to allow for things like images, links, and a few HTML5 elements.
api
sanitize(html: string)
-> sanitized string
Sanitize a string of HTML content, returning a sanitized string.
install
npm install sanitize-caja
example
var sanitize = require('sanitize-caja');
document.write(sanitize(evilUserInput));
see also
npm i @mapbox/sanitize-caja
Metadata
- BSD-2-Clause
- Whatever
- Tom MacWright
- released 12/2/2016